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Amendments to the Claims 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

Claim 1-14 (cancelled) 

Claim 15 (previously amended) A method for detecting and geographically locating 
a rogue user accessing a wireless computer network wirelessly, where the wireless 
computer network comprises a server computer system and a plurality of wireless access 
points via which a wireless computer workstation accesses the server computer system, 
the method comprising: 

deploying a Network Management System (NMS) into the server computer 
system for collecting Media Access Control (MAC), Internet Protocol (IP) addresses of 
computer workstations and access points connected onto the network, and the 
performance characteristics of the computer workstations and access points; 

detecting a rogue user by comparing the collected MAC and IP addresses with a 
reference set of valid addresses of authorized users, wherein a user with addresses not on 
the reference set is considered as the rogue user; 

determining the nearest wireless access point serving the rogue user by 
performing a logical AND operation between the collected IP address and the subnet 
mask of the rogue user; 

determining the geographical location of the rogue user with reference to the 
nearest wireless access point by a ranking algorithm that derives at least one performance 
index for the rogue user from the collected performance characteristics of the rogue user 
and compares the performance index of the rogue user with the average of the reference 
performance indices of each island mapped near the nearest access point in a spatial 
performance model pertinent to the time of day of detection; 
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wherein the spatial performance model having a plurality of islands is constructed 
dynamically by the following operations, comprising: 

collecting and mapping out the performance characteristics of wireless 
computer workstations in the plurality of islands in the area covered by the wireless 
access points of the network; 

measuring at least one network performance parameter of the performance 
characteristics for each island, wherein each island shares the same performance 
characteristics; and 

deriving a performance index for each island based on the at least one 
performance parameter to obtain the spatial performance model; and 

alerting the administer of the network for taking security measures against the 
located rogue user. 

Claim 16 (cancelled). 

Claim 17 (previously amended) The method according to claim 15, wherein deriving the 
performance index of the rogue user and each island, comprising: 

obtaining differences between the collected performance parameters of the rogue 
user and the performance parameters in the spatial performance model; 

determining a minimum value for each difference; 

normalizing the acquired performance parameters for each difference to obtain a 
rank number; and 

summing the rank number for each island to obtain the performance index. 

Claim 18 (previously amended) The method according to claim 15, wherein deriving the 
performance index of the rogue user and each island, comprising 

determining a minimum values of each performance parameter in the spatial 
performance model; 
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normalizing the values of each performance parameter in the spatial performance 
model and the collected performance parameters of the rogue user to obtain the rank 
numbers; 

obtaining the differences between the rank numbers of performance parameters in 
the spatial performance model and the collected performance parameters of the rogue 
user; and 

summing the differences for each island to obtain the performance index. 
Claim 19 (cancelled). 
Claim 20 (cancelled). 
Claim 21 (cancelled). 
Claim 22 (cancelled). 

Claim 23 (previously amended) The method according to claim 15, wherein deriving of 
the at least one performance index comprising dynamically re-mapping the islands 
previously mapped based on a current performance index of each island at time intervals. 

Claim 24 (cancelled). 

Claim 25 (cancelled). 

Claim 26 (cancelled). 

Claim 27 (previously amended) The method according to claim 15, wherein the 
performance parameters include variables defined at any of a physical layer, a network 
layer, an application layer and a data link layer. 
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Claim 28 (previously amended) The method according to claim 27, wherein the physical 
layer includes any or all of signal strength, noise power and signal-to-noise ratio. 

Claim 29 (previously amended) The method according to claim 27, wherein the network 
layer includes any or all of ping response time, packet round-trip time, packet loss rate 
and propagation delay times. 

Claim 30 (previously amended) The method according to claim 27, wherein the 
application layer includes any or all of transactions responses, applications responses and 
end-to-end delay times. 

Claim 3 1 (previously amended) The method according to claim 27, wherein the data link 
layer includes any or all of link utilization, frame loss rate, number of error frames and 
throughput rate. 

Claim 32 (cancelled). 

Claim 33 (previously amended) The method according to claim 15, wherein the 
performance parameters include any of distance from access point, number of wireless 
users, network topology, building material used and time of day. 

Claim 34 (currently amended) A wireless computer network being capable of detecting 
and geographically locating a rogue user accessing the wireless computer network, 
comprising: 

a server computer system with a non-transitory computer readable medium; and 
a plurality of wireless access points via which wireless computer workstations 

access the server computer system; 

wherein the non-transitory computer readable medium is embedded with 

computer executable programs including: 
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a Network Management System (NMS) program for collecting Media Access 
Control (MAC), Internet Protocol (IP) addresses of computer workstations and access 
points connected onto the network, and the performance characteristics of the computer 
workstations and access points; 

a program for detecting a rogue user by comparing the collected MAC and IP 
addresses with a reference set of valid addresses of authorized users, wherein a user with 
addresses not on the reference set is considered as the rogue user; 

a program for determining the nearest wireless access point serving the rogue user 
by performing a logical AND operation between the collected IP address and the subnet 
mask of the rogue user; 

a program for determining the geographical location of the rogue user with 
reference to the nearest wireless access point by a ranking algorithm that derives at least 
one performance index for the rogue user from the collected performance characteristics 
of the rogue user and compares the performance index of the rogue user with the average 
of the reference performance indices of each island mapped near the nearest access point 
in a spatial performance model pertinent to the time of day of detection; 

wherein the spatial performance model having a plurality of islands is constructed 
dynamically by a program comprising: 

collecting and mapping out the performance characteristics of wireless 
computer workstations in the plurality of islands in the area covered by the wireless 
access points of the network; 

measuring at least one network performance parameter of the performance 
characteristics for each island, wherein each island shares the same performance 
characteristics; and 

deriving a performance index for each island based on the at least one 
performance parameter to obtain the spatial performance model; and 

a program for alerting the administer of the network for taking security measures 
against the located rogue user. 
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Claim 35 (cancelled). 
Claim 36 (cancelled). 

Claim 37 (previously amended) The network according to claim 34 5 wherein the 
performance index of the rogue user and each island, comprising: 

obtaining differences between the collected performance parameters of the rogue 
user and the performance parameters in the spatial performance model; 

determining a minimum value for each difference; 

normalizing the acquired performance parameters for each difference to obtain a 
rank number; and 

summing the rank number for each island to obtain the performance index. 

Claim 38 (previously amended) The network according to claim 34, wherein the 
performance index of the rogue user and each island, comprising 

determining a minimum values of each performance parameter in the spatial 
performance model; 

normalizing the values of each performance parameter in the spatial performance 
model and the collected performance parameters of the rogue user to obtain the rank 
numbers; 

obtaining the differences between the rank numbers of performance parameters in 
the spatial performance model and the collected performance parameters of the rogue 
user; and 

summing the differences for each island to obtain the performance index. 
Claim 39 (cancelled). 
Claim 40 (cancelled). 
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Claim 41 (previously amended) The network according to claim 34, wherein the islands 
previously mapped are dynamically re-mapped based on a current performance index of 
each island at time intervals* 

Claim 42 (cancelled). 

Claim 43 (previously amended) The network according to claim 34, wherein the 
performance parameters includes variables defined at any of a physical layer, a network 
layer, an application layer and a data link layer. 

Claim 44 (previously amended) The network according to claim 34, wherein the physical 
layer includes any or all of signal strength, noise power and signal-to-noise ratio. 

Claim 45 (previously amended) The network according to claim 43, wherein the network 
layer includes any or all of ping response time, packet round-trip time, packet loss rate 
and propagation delay times. 

Claim 46 (previously amended) The network according to claim 43 , wherein the 
application layer includes transactions responses, applications responses and end-to-end 
delay times. 

Claim 47 (previously amended) The network according to claim 43, wherein the data link 
layer includes any of link utilization, frame loss rate, number of error frames and 
throughput rate. 

Claim 48 (previously amended) The network according to claim 34, wherein the spatial 
performance model differs at a particular period of the day. 
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Claim 49 (previously amended) The network according to claim 34, wherein the 
performance parameters include any of distance from access point, number of wireless 
users, network topology, building material used and time of day. 
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